Ask Slashdot: Using a Sandbox To Deal With Spambots?
shellster_dude writes "Slashdot is certainly no stranger to the problem of spam bots. While blocking a spam bot may seem like the best solution, it is likely that the spammer will simply re-register with a different name. While trying to solve this dilemma on my own forums, I had an epiphany. What if, instead of blocking a spam bot, I could mark a spammer, and then hide all their comments from everyone else? The spammer could continue to go their merry way, spamming to their heart's content. When they visit the forum, they see their spam comments correctly placed in the threads, but their comments would only be visible to them. Thus, an effective sandbox which would prevent them from registering a new user once they had been 'blocked.' Are any other Slashdotters familiar with this technique? Does any software currently use this technique?"
I will sell you this solution already debugged! (Score:5, Funny)
Why is nobody responding?
Re:I will sell you this solution already debugged! (Score:5, Informative)
Because it will be trivial for a spammer to check his posts from another account?
Re:I will sell you this solution already debugged! (Score:5, Interesting)
Because it will be trivial for a spammer to check his posts from another account?
I remember reading an article on Joel on Software some time ago that talks about this kind of approach. The difference was that instead of only showing those posts to the spammer/troll's account, they were also shown to that poster's /8 or /16 subnet (or something like that). This goes far in solving the problem for multiple accounts (but still fails for proxy servers).
The downside is that the troll's "local Internet" sees the spam/troll, but the greater Internet doesn't. It always seemed like a good tradeoff to me.
Wish I could find the article now, but not having any luck.
Re: (Score:2)
If we used addresses assigned by region it would be a great way to advertise locally. ;)
Seriously though, that (subnet sand-boxing) would be a great method. Especially considering you could then just block whoever it was locally spamming you instead of having to globally filter every spammer.
Re: (Score:2)
Subnet blocking works great if the spamster posts himself from his own computer.
If the spammer instead hires someone and then double checks that person's work, this would fail any time they are on different subnets. At best that makes it less likely that the spammer/contractor relation works out. If the spammer uses a botnet to post, this does the reverse of what you want. It gives the spammer access to the subnets on which the botnet is located, but it shows the spammer that it didn't post for everyone
Re: (Score:2)
Spammers have botnets to do their posting from. No IP-based approach is ever going to work on them, as they have a huge number of IP addresses readily available, and evenly distributed across the address space.
Make sure Google etc can't see it. (Score:5, Informative)
The really important thing is to make sure Google (and the other search engines and ad services, if you care about them) can't see the spam. That's the real objective of the spammers, and those that bother checking may find that spamming you is less effective in fixing their page ranks.
Re: (Score:2)
Because it will be trivial for a spammer to check his posts from another account?
It depends. For example vBulletin has their "Tachy goes to Coventry" option. I did use it in the past but haven't now for several years because all the person has to do, assuming the site is open to the public as my forums are, is log out and view the thread their post is in (or if it's a thread they started and thus just has their post in it, just look at the forum listing they posted in) and they will see their post/thread isn't there. No need for a different user account. What I do with all spammers is BAN
Re: (Score:2)
Because it will be trivial for a spammer to check his posts from another account?
Yawn. When hellbanning became widespread the spammers just started creating a new account for every spam session.
Spammers are *bots* (maybe backed by people in third world countries who'll sit all day reading captchas for $0.10). Any idea of a 'battle of wits' between you and a spammer is just an overactive imagination on your part.
Re: (Score:2)
Easy solution. Make it so that spammers can see posts by everyone, including other spammers. That way spammers will think they are being successful, especially if you do an IP block on them.
Until the 2nd, 3rd, 4th account is identified and marked as a spam account, it won't be able to see the posts of the 1st account.
Re: (Score:2)
Re:I will sell you this solution already debugged! (Score:5, Insightful)
Re: (Score:2)
You can keep track of what accounts are accessed by what user. So when one of those accounts gets marked you just mark the associated accounts as well. It isn't perfectly clean but better deal with one misjudged user than lose thousands.
Still, just banning the troll/spammer and identifying high risk registration locations for monitoring is usually the cleanest way. Nowadays you clean your forum of one user in what, 10ms?
Re:I will sell you this solution already debugged! (Score:5, Interesting)
Easy solution. Make it so that spammers can see posts by everyone, including other spammers. That way spammers will think they are being successful, especially if you do an IP block on them.
Until the 2nd, 3rd, 4th account is identified and marked as a spam account, it won't be able to see the posts of the 1st account.
I think you overestimate spammers. 99.9999999% of them aren't people, they're bots. I doubt they're even checking from other accounts.
Re: (Score:2)
He wouldn't spam from the account used for checking.
Re: (Score:2)
Still there are possibilities for the spammer. One is to use a "test account" that is not used for actually spamming but is only used for checking if spamming was successful. Another is to just create new accounts for every spam run anyway on the assumption that previous accounts will have been caught.
This has much the same problem as many "clever" solutions to spam. They will work as long as only a few people use them but when they become popular it's pretty easy for the spammers to implement countermeasu
Re: (Score:2)
Most spammers are bots who are programmed to constantly create new accounts anyway.
Re: (Score:2)
Either way, whether you shadow ban them, or ban them outright, the problem is still the same after that.
You'll still need to keep track of their ip address and other meta-data information to minimize the number of accounts they can create under different names. Also, I think you're overestimating the number of spammers who spam and then who check their spam results after that.
On my site, I strip out html and even urls, and yet, I still get plenty of spammers wasting cpu cycles trying to insert urls automatic
Re: (Score:2)
Once you identify them, serve them up a custom post message web page that will do a stupid DOS attack on whatever site is currently being attacked by the B-tards.. That will make their life very interesting.
Re:I will sell you this solution already debugged! (Score:5, Informative)
This technique is widely used against trolls on various Internet forums. It is often called 'Hellbanning' [lmgtfy.com]
Re:I will sell you this solution already debugged! (Score:5, Insightful)
Old Idea (Score:4, Informative)
Old idea that doesn't fix much because spammers change accounts after 1-20 posts anyway.
Re:Old Idea (Score:5, Interesting)
I wouldn't say it "doesn't work." I experienced this shadow banning after I mentioned I not only own a Hybrid electric car, but also a diesel car that gets similar mileage (49MPG). Well the environmentalists furiously attacked me for daring to use the word "diesel" in their forum, and the group owner (also anti-diesel) made my posts invisible.
It took me a few weeks to realize that none of my posts were being responded to. Rather than waste time with another account, I just left the place. So the shadow-ban worked.
Re:Old Idea (Score:4, Insightful)
Feels like apples to oranges a bit. You weren't a spammer, they just disagreed with you and provided a hostile environment for expressing your views, which would discourage any normal person from participating. A spammer probably wouldn't care about the shadow ban if they discovered it and would just create a new account if they felt that the target was valuable enough.
Re: (Score:2)
And it's also not apples and oranges because spammers aren't people...they are bots. They aren't checking to see if their posts are still there, since there's not much they can do about it one way or the other, and it takes up resources (and is hard to program) to do so. The bots just go on their merry way, regardless of what is done. You're better off just whacking the spam or setting things up so that it requires a human to post in the first place.
Re:Old Idea (Score:4, Insightful)
And it's also not apples and oranges because spammers aren't people...they are bots.
That's often true, but not 100%. I have basically two classes of spammer on my own forum. The bots are easy to detect with some clever coding (hint: bots only read HTML) but the human-driven spammers usually get through, only to be quickly banned. The bot attempts outnumber the human attempts by about 100 to 1, but the humans are far more likely to be successful.
Re: (Score:2)
I see the same thing in my forums. The captcha gets the spam bots but the mules (humans being paid a pittance to spam) still try to get through, strangely they tend to post on a Monday morning.
What I do to catch them is:
* moderate the first X posts from any user.
* don't allow posts from certain countries, usually India, South Korea & China.
There's no automation on this as it's low volume anyhow but it does work.
Re: (Score:2)
The idea that spambots come back and check what's happened to their forum spam is as ridiculous as thinking they care if their email spam bounces or is blocked. That takes intelligence, something spambots don't have.
Spambots move on, never looking back, relentlessly spamming regardless. They work to quantity, not quality.
Re: (Score:2)
As a forum owner (for a forum with an entirely different subject matter) your story sounds... unlikely. Extremely one-sided, at best. I get this kind of thing a lot on my own forum -- people who act like asshats (and are usually contrary at the same time) who point the finger at some kind of intolerance on the forum admin / moderators part. Usually, though, it's not that they mentioned some "unspeakable" word -- it's that they acted like asshats while doing it.
I'd bet real money that you were an asshat.
Re: (Score:2)
More precisely, most spammers use an account once. They may make several dozen posts at once (one phpbb bot I saw would post the same thing in every single subforum at once), or they may only make one, but they seem to assume that their account will be banned pretty much after the first infraction.
Assuming they're using bots, that makes sense. The exception would be human-generated spam, especially that which tries to camouflage as actual discussion, and double-especially if they use multiple accounts to ho
Re: (Score:2)
It can be very effective. The goal of the spammer is to have their content visible to both users and search engines for as long as possible. If the account gets banned in this way very quickly then the whole operation is without value, especially long term value to any search engines.
Create as many accounts as you like. If they get banned in the same way, the spammer never accomplishes his goal and has to spend an enormous amount of resources (botnets are not cheap to create) just to get short term visib
Re: (Score:2)
I just make it so someone has to have at least 2 manually approved comments or posts in order to be able to post automatically. No spam after that that isn't automatically captured. Just gotta clean out the posts every once in a while.
www.aftonbladet.se is using this, major media site (Score:3, Informative)
This comment is used extensively at major media outlets such as the Swedish tabloid "www.aftonbladet.se." Facebook is used to register users.
When a user is perceived as spamming - or writing opinions that are unwelcome - the user is marked, and simply not displayed to other visitors. But the user himself does not know, and keeps spamming.
Evil. Pure evil.
Re: (Score:3)
hellbanning. (Score:5, Informative)
http://en.wikipedia.org/wiki/Hellbanning
Re: (Score:2)
Mod parent up... perfect answer to the question.
Re: (Score:2)
So it works much like the Phantom Zone. Zod can see us, but can't interact with us. Brilliant!
Re: (Score:2)
Typically, hell banned users can see each others' posts. That way, trolls and spammers get to interact with other trolls and spammers.
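The visibility rule pieced together from the comments above, as an added sketch that is not code from any poster or forum package mentioned in this thread: a shadow-banned author's posts are shown to the author, to other shadow-banned accounts, and to viewers on the author's subnet, and hidden from everyone else, including logged-out visitors and crawlers. All names, the /16 (IPv4) and /48 (IPv6) prefix choices and the sample data are assumptions.

```python
"""Shadow-ban ("hellban") visibility check. Constructed example."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Assumed prefix lengths for the "same subnet" rule; tune per site.
SUBNET_PREFIX = {4: 16, 6: 48}


@dataclass(frozen=True)
class User:
    name: str
    shadow_banned: bool = False


@dataclass(frozen=True)
class Post:
    post_id: int
    author: User
    author_ip: str  # address the post was submitted from


@dataclass(frozen=True)
class Viewer:
    user: Optional[User]  # None means logged out (includes crawlers)
    ip: str


def same_subnet(ip_a: str, ip_b: str) -> bool:
    """True if both addresses fall in the same configured prefix."""
    try:
        a = ipaddress.ip_address(ip_a)
        b = ipaddress.ip_address(ip_b)
    except ValueError:
        return False  # unparsable address: fail closed (post stays hidden)
    if a.version != b.version:
        return False
    net = ipaddress.ip_network(f"{a}/{SUBNET_PREFIX[a.version]}", strict=False)
    return b in net


def visibility(post: Post, viewer: Viewer) -> Tuple[bool, str]:
    """Return (visible, reason) for one post and one viewer."""
    if not post.author.shadow_banned:
        return True, "normal"
    if viewer.user is not None and viewer.user == post.author:
        return True, "author"          # the banned user sees their own posts
    if viewer.user is not None and viewer.user.shadow_banned:
        return True, "fellow-banned"   # banned accounts see each other
    if same_subnet(viewer.ip, post.author_ip):
        return True, "same-subnet"     # covers a second account on the same network
    return False, "hidden"


def visible_post_ids(posts: List[Post], viewer: Viewer) -> List[int]:
    """IDs of the posts that would be rendered for this viewer."""
    return [p.post_id for p in posts if visibility(p, viewer)[0]]


# Constructed sample data (documentation address ranges).
ALICE = User("alice")
BOB = User("bob")
SPAM1 = User("spam1", shadow_banned=True)
SPAM2 = User("spam2", shadow_banned=True)

SAMPLE_POSTS = [
    Post(1, ALICE, "198.51.100.7"),
    Post(2, SPAM1, "203.0.113.50"),
    Post(3, SPAM2, "192.0.2.9"),
]

if __name__ == "__main__":
    viewers = {
        "bob, logged in": Viewer(BOB, "198.51.100.20"),
        "spam1, logged in": Viewer(SPAM1, "203.0.113.50"),
        "logged out, spam1's /16": Viewer(None, "203.0.200.1"),
        "logged out, elsewhere (e.g. crawler)": Viewer(None, "198.51.100.99"),
    }
    for label, v in viewers.items():
        print(f"{label}: {visible_post_ids(SAMPLE_POSTS, v)}")
```

The last viewer is the case several posters raise: a logged-out request from outside the author's subnet gets the same view as a crawler, so the ban is observable from there.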
Reddit (Score:5, Informative)
Reddit does something like this.
Re: (Score:2)
So does Slashdot. With low enough karma no one else will see your posts.
Shadow Ban (Score:5, Informative)
The practice goes by several other names I can't recall, but I know it as a "shadow ban"
Basically, you tick a box and nobody but that poster can see their nonsense.
Some forum software already includes the feature, others require a plugin or a roll-your-own solution.
Re:Shadow Ban (Score:5, Funny)
Hey, wacky idea, why not assign a "degree of spamminess" rating and let people decide on their own level of viewing? You could even do it for funny posts, informative posts, troll posts etc. Mind you, it could get out of hand and overly complicated.
Re:Shadow Ban (Score:4, Interesting)
I believe miserable users is a different trick or at least it is on Vbulletin. Miserable users adds a lengthy delay to all of the user's actions, kicks them to error pages, etc.
Nice functionality, or it would be if it didn't do unfortunate things to server load on 3.x.
vBulletin (Score:2)
You're correct.
The option he was thinking of does exist in VB, but it's called "Tachy goes to Coventry"
It's good for dealing with trolls
Re: (Score:2)
That it is. Especially combined with automatic multiple account detection. They can keep making more accounts and they just get detected and automatically added to the GI until they give up and go away.
Re: (Score:2)
Re:Shadow Ban (Score:5, Informative)
Drupal has a module to do this to put trolls in their own "cave"
http://drupal.org/project/cave [drupal.org]
Re: (Score:2)
They might become suspicious if they never saw any replies, so perhaps put all the banned folks in a group so they could spam each other. That would cause them extra angst, seeing only competitors replying.
Reddit Does (Score:5, Informative)
Wouldn't work (Score:2)
This wouldn't work because spambots don't keep using a single account. If it were that easy spambots would have already been long defeated.
Re: (Score:2)
Or you could just blog all the scams you already receive, use weboftrust to flag their site and if you're lucky they will lose their godaddy accounts. It is a lot of work, but that is where weboftrust kicks in by distributed spam detection. Once their main c&c gets detected they go down. I used to use spamcop, but I was inundated with spam, and normals can't always tell spam from nonspam; however, web of trust makes it a little easier for end users to never go to red ring sites.
Two Bots (Score:5, Insightful)
Easy to defeat the defeat (Score:2)
Seems like it would be easy enough to work around with a second bot that checks to make sure spam is getting through.
So you make the troll visible to all for a few seconds after the troll has posted, or always visible if someone tries to go to the site directly...
And the troll is visible for longer to anyone visiting the site from the same IP address.
But most spammers would not really bother with a verification pass. They have new places to spam.
Re: (Score:2)
You forgot this one: make all the troll's posts visible to all the other trolls.
No. (Score:5, Insightful)
What makes you think that they will stop just because their account doesn't get closed?
They will not notice the efficacy of their spam, they will just keep signing up and spamming. And you'll play whack-a-mole trying to put all their accounts into sandboxes.
Just how often does a spammer go back to see if his comment posted or not, or if his email got through? Rarely. Spam works on the basis of mass volume. Put a billion adverts on a billion websites and your sales will increase somehow. And the price of those adverts is next to zero after the first few thousand.
It won't work, but it will make a lot of hassle for you, from storage to filtering to just plain bandwidth if you have a thousand spammers realising they can auto-sign-up and spam you endlessly.
It's like running a "honeypot". You'll gather lots of data at great expense and resources. But you won't stop the spam.
Re: (Score:3)
But you won't stop the spam.
The idea (not that it's a particularly brilliant one) isn't to inconvenience spammers or to stop them spamming - it's designed to stop users being spammed. Think of it like putting all the mimes in the world on a remote island - they can carry on doing their thing but none of us have to put up with it.
Hmm. Excuse me, I have some extraordinarily silent renditions to arrange.
Re: (Score:2)
But you won't stop the spam.
The idea (not that it's a particularly brilliant one) isn't to inconvenience spammers or to stop them spamming - it's designed to stop users being spammed. Think of it like putting all the mimes in the world on a remote island - they can carry on doing their thing but none of us have to put up with it.
Hmm. Excuse me, I have some extraordinarily silent renditions to arrange.
The idea presumes that the spammer does some sort of follow-up to see if his posts aren't just deleted immediately, who will then decide IF he should post more spam from a different account. The false premise here is that they somehow value checking for old spam more than they do the opportunity to just post more spam.
The *only* way to stop spammers is to have enough of a profile on how they operate at any given time as to be able to algorithmically track their entire process. Trying to "beat" little piec
Re: (Score:3)
Whether it works or not, "Spambot Sandbox" is a great band name.
Re: (Score:2)
Great idea. I can see the marquee now:
Tonight only!
Opening act:
"Spambot Sandbox"
Feature Attraction:
"Hell Banned"
Re: (Score:2)
Once you've decided to ignore a post it's a small step to serve up a slightly different post message web page.
The spammer version post message page could just ignore the content of the message and only send minimal another spam type data, or could simply delay and fake a successful post page locally in javascript. It could fake being a common virus and hope the spammers ISP kicks him offline as a zombie (I'm thinking having it fire the post repeatedly to a well known botnet cnc server).
Re: (Score:2)
Or not.
Yes, most spammers do it on a mass basis and most don't bother to actually check if it's posted. As far as they care, their spamming tool signs up for an account (rarely, if ever, do they reuse a
Re: (Score:2)
I agree - and for smaller sites with less resources, you're basically encouraging traffic that eats your bandwidth and gives you no benefit in return for it.
Personally, I manually delete the small amount of spam Mollom doesn't catch, and all links have the nofollow on them. I seriously doubt the spammers are looking to see if their spam posts "work" because if they did, they'd see that I was deleting them fairly quickly and they were getting no pagerank from them anyway.
The "sandbox" is great if you have lot
Well, it would be easily detectable (Score:4, Interesting)
It would certainly prevent spam temporarily but
a) the spammer would notice rather quickly if their spam doesn't show up in Google
b) the spammer could easily defeat the system by simply re-registering with another username
c) one mistake on implementing the system (eg. allowing users to read 'sandboxed' comments through a link) could maybe hide it from your users but not from the other bots that crawl your site (again Google and security bots) which would then mark your site as spam.
The problem is that spamming is usually automated so you have to have the end-user jump through hoops in order to defeat them. One of the forums I moderate actually requires a legitimate introduction on the topic of the forum before they are allowed to post in the general forums. Defeats most spammers as it's somewhat of a niche forum and automated spam is immediately recognized and user/ip banned.
Article on Coding Horror (Score:2)
http://www.codinghorror.com/blog/2011/06/suspension-ban-or-hellban.html
vbulletin (Score:3, Funny)
A for Effort (Score:2)
A decent enough idea to be sure, but it must be carried forward to conclusion. Not only could these be detected by a second bot account, the spammer is still eating up your resources, whether it be disk space or processing cycles to detect viewing by bot accounts. Even if legit users never see the spam, the spammer half wins by making your system work harder to filter them out.
The Secret Garden (Score:5, Funny)
Re: (Score:3)
Usenet variant: Some free Usenet sites that have been havens for troublemakers or allow practices like injecting articles with fake paths get blocked from NNTP forwarding by other sites' admins. So pretty soon, posters on these sites see all the garbage they attempt to spam various groups with. But nobody else does.
Vbulletin (Score:3)
Vbulletin implements this with their global ignore (a.k.a. Tachy Goes to Coventry) function.
Just require activation (Score:3)
For extra points you could probably modify the registration process in all kinds of manners which would confound automated and replay attacks. Chances are that for the average forum it would be sufficient that no script would even bother to defeat it and would simply move onto softer targets.
Re: (Score:2)
For extra points you could probably modify the registration process in all kinds of manners which would confound automated and replay attacks. Chances are that for the average forum it would be sufficient that no script would even bother to defeat it and would simply move onto softer targets.
This is the answer, more or less. For small-to-middling forums, reducing spam is pretty easy. A few volunteers to delete the ones that get through suffices for the rest.
It breaks down to 1) keep out easy drive-by spammers, which means registration with a valid email address and some kind of barrier to detour the smarter bots (ReCaptcha and the like); 2) filter posts through Akismet or similar method; 3) have a community large enough and engaged enough to want to zero out spam posts.
The third step is the har
Allow posting right away, but moderate... (Score:4, Informative)
Replace the forum's captcha with one of a higher grade, e.g. Recaptcha
Or eliminate it altogether, since it doesn't help and really pisses off users.
Requiring new users to be registered and await activation before being able to post.
Instead of this allow anyone to post right away, but do not allow the first few posts to be seen until they have been verified to be valid by a human. Delegate some of this verification to your most active users.
Re: (Score:2)
Some ways to reduce spam.
ReCaptcha has become so difficult recently that I can't guess half of them. As well as being horribly distorted, many of the newer unknowns seem to be in foreign (non-English) languages, so you can't even guess them from context.
Beehive's "worm mode" (Score:2)
There used to be a Web forum product called Beehive (not sure on its status these days) which had this as a feature. A spammer or troll could spew all they wanted to, and if the "worm mode" bit was set, only they could see their postings -- nobody else.
For a constant troll, I'd say go for it. For a hit and run spammer who really just wants to get stuff on the board and then run off, I'd say don't bother; they won't be back on that account most likely.
nope (Score:5, Insightful)
Your post advocates a
(X) technical ( ) legislative ( ) market-based ( ) vigilante
approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
(X) No one will be able to find the guy or collect the money
(X) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(X) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(X) Armies of worm riddled broadband-connected Windows boxes
(X) Eternal arms race involved in all filtering approaches
(X) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
and the following philosophical objections may also apply:
( ) Ideas similar to yours are easy to come up with, yet none have ever been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatibility with open source or open source licenses
(X) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
Furthermore, this is what I think about you:
(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!
Re: (Score:2)
That's a standard form. The person just went through and filled it out. I doubt that it took long. In my opinion, several of the Xs are wrong. For example:
(X) No one will be able to find the guy or collect the money
What money? Why do you need to find the guy? Better would have been
( ) It will stop spam for two weeks and then we'll be stuck with it
As this is the kind of approach against spam that is easy to bypass once spammers realize that it is there.
Yes, it has been done (Score:5, Funny)
There's a site called Slashdot [slashdot.org] which allows comments to be rated from 0 to 5. Spam, trolls, and posts like this one will be moderated down to zero and blocked from view by most other users.
Check it out some time.
Re: (Score:3)
-1 and up actually. I believe it goes over +5 even if it only displays +5, it seems to offer a buffer against people troll modding because they don't like what you have to say.
Re:Yes, it has been done (Score:4, Informative)
--
Recently, there was a spate of spam on slashdot about antivirus software. IIRC, in a single day there were eight instances/variants of the same spam on a single discussion alone [and more on other discussions on the same day]. Different spiels, accounts, AC's.
Such aggressive spamming can [realistically] only be dealt with by the site itself (e.g. filtering by content). The content trigger was probably easy, as each spam message would feature the product name no less than 10 times.
I haven't seen the particular spam recently, so I'm guessing something was done about it.
Re: (Score:2)
Either that or the insufferable douchebags at the MCPC marketing arm finally figured out that Google doesn't crawl the forums here... Fucking twits.
Pluck Software (Score:2)
Do the cost benefit analysis (Score:3)
Currently:
Spammers can register and post for free (or sufficiently free due to low captcha cost)
You propose:
A way to squelch individual accounts. (Assuming erroneously that it has some cost to them)
The result:
Spammers will still continue registering new accounts, because in no way does it affect their cost.
A better solution: make them fund their account - PayPal with some trivial designated amount - $0.75, correlate it to the paypal address during signup. You've now added real cost and real verification. Hold the money for some time, then reverse it. The likely outcome is they'll start using stolen credit card numbers, or stop.
Re: (Score:3)
And that means that I will never ever use the forum. I do no business with paypal, at all, ever. They are a shady business with questionable ethics at best.
Re: (Score:3)
I hear ya. Accept bitcoin then. At least that market is not as shady.
Re: (Score:3)
Hell, if I could get 10 million people to let me borrow a $1 for 6 months... I'd gladly return their money after collecting interest off it.
Torture the blind (Score:2)
Do like the supermarkets do. Just rearrange everything on the sign up page every couple of weeks or so
Analogy with SMTP (Score:3)
As an analogy, normal banning is like an SMTP server rejecting spam with a 5xx failure code, while your scheme would have the server accept the spam with a 2xx code but throw the message in /dev/null
Each method has the usual pros and cons: Pretending to accept mail reduces (but does not completely eliminate) feedback to the spammer as to whether or not the message made it through. However, it plays hell with legitimate users; false-positives become much more problematic if there's not feedback.
Markov... (Score:2)
Hmm (Score:2)
I had this idea years ago (Score:2)
When I was a forum mod for a large forum some years ago, we had a lot of troll problems and the same guys would keep showing up as sock puppets. A lot of the time it took a while to suss out if someone was for real or one of the persistent trolls.
So I did come up with an idea to mirror the forum, with idiots and highly suspected idiots able to post all they wanted on the fake mirror, with the non crappy people on the real forum. So what it looked like was that everyone had the trolls on their ignore list,
done for anti-email spam (Score:2)
I worked at an anti-spam company a few years. That was one of the things we did. We would send a 250 Ok to a message regardless of if it was accepted or not. If it wasn't accepted the customer had the option of putting it into a quarantine or just not writing it anywhere. I think we also always told suspect bad senders (essentially anyone we haven't seen before or anyone with a non-perfect score in our reputation and various blocklists) that a recipient exists. If things were suspect we'd throttle their con
Re: (Score:2)
Indeed. I do part-time abuse desk work for a medium-sized email provider. We have basic no-automated-signup methods, such as only allowing one new account per day per /24 (we're only doing IPv4 right now, but are working on transitioning to dual-stack) and a captcha. It's reasonably effective at stopping bot signups, though we do see a lot of spammers creating new accounts from a bunch of open proxies to avoid the subnet blocks.
It's clear that they're the same spammer, as they create accounts with distincti
Re: (Score:3)
For a long time just about everything I posted ended up this way. I think using correctly formed HTML was their trigger, since there was absolutely no way the ads I posted could be considered spam. It was very annoying as a user.
Re: (Score:2)
And besides the spammer can log in through a proxy find out he's being censored, and just open another account through the proxy.
I see this argument quite often. It is a false argument.
A big problem on forums is the problem of multiple posts by the same completely automated spammer.
It is like the bot runs using the same account/ip until the site returns an error code, and then it makes a new account or uses a new proxy or both
The desirable effect of the hellban is to return no error code to fully automated spambots, thus cutting down on the amount of spam viewed by desirable patrons and search indexers.
Of course the database size sti